Transport mode choice and body mass index: Cross-sectional and longitudinal evidence from a European-wide study.

BACKGROUND: In the fight against rising overweight and obesity levels, and unhealthy urban environments, the renaissance of active mobility (cycling and walking as a transport mode) is encouraging. Transport mode has been shown to be associated to body mass index (BMI), yet there is limited longitudinal evidence demonstrating causality. We aimed to associate transport mode and BMI cross-sectionally, but also prospectively in the first ever European-wide longitudinal study on transport and health. METHODS: Data were from the PASTA project that recruited adults in seven European cities (Antwerp, Barcelona, London, Oerebro, Rome, Vienna, Zurich) to complete a series of questionnaires on travel behavior, physical activity levels, and BMI. To assess the association between transport mode and BMI as well as change in BMI we performed crude and adjusted linear mixed-effects modeling for cross-sectional (n = 7380) and longitudinal (n = 2316) data, respectively. RESULTS: Cross-sectionally, BMI was 0.027 kg/m2 (95%CI 0.015 to 0.040) higher per additional day of car use per month. Inversely, BMI was -0.010 kg/m2 (95%CI -0.020 to -0.0002) lower per additional day of cycling per month. Changes in BMI were smaller in the longitudinal within-person assessment, however still statistically significant. BMI decreased in occasional (less than once per week) and non-cyclists who increased cycling (-0.303 kg/m2, 95%CI -0.530 to -0.077), while frequent (at least once per week) cyclists who stopped cycling increased their BMI (0.417 kg/m2, 95%CI 0.033 to 0.802). CONCLUSIONS: Our analyses showed that people lower their BMI when starting or increasing cycling, demonstrating the health benefits of active mobility

Making Masking Security Proofs Concrete - Or How to Evaluate the Security of any Leaking Device

We investigate the relationships between theoretical studies of leaking cryptographic devices and concrete security evaluations with standard side-channel attacks. Our contributions are in four parts. First, we connect the formal analysis of the masking countermeasure proposed by Duc et al. (Eurocrypt 2014) with the Eurocrypt 2009 evaluation framework for side-channel key recovery attacks. In particular, we re-state their main proof for the masking countermeasure based on a mutual information metric, which is frequently used in concrete physical security evaluations. Second, we discuss the tightness of the Eurocrypt 2014 bounds based on experimental case studies. This allows us to conjecture a simplified link between the mutual information metric and the success rate of a side-channel adversary, ignoring technical parameters and proof artifacts. Third, we introduce heuristic (yet well-motivated) tools for the evaluation of the masking countermeasure when its independent leakage assumption is not perfectly fulfilled, as it is frequently encountered in practice. Thanks to these tools, we argue that masking with non-independent leakages may provide improved security levels in certain scenarios. Eventually, we consider the tradeoff between measurement complexity and key enumeration in divide-and-conquer side-channel attacks, and show that it can be predicted based on the mutual information metric, by solving a non-linear integer programming problem for which efficient solutions exist. The combination of these observations enables significant reductions of the evaluation costs for certification bodies

Evaluation of Different Recruitment Methods: Longitudinal, Web-Based, Pan-European Physical Activity Through Sustainable Transport Approaches (PASTA) Project

BACKGROUND: Sufficient sample size and minimal sample bias are core requirements for empirical data analyses. Combining opportunistic recruitment with a Web-based survey and data-collection platform yields new benefits over traditional recruitment approaches. OBJECTIVE: This paper aims to report the success of different recruitment methods and obtain data on participants' characteristics, participation behavior, recruitment rates, and representativeness of the sample. METHODS: A longitudinal, Web-based survey was implemented as part of the European PASTA (Physical Activity through Sustainable Transport Approaches) project, between November 2014 and December 2016. During this period, participants were recruited from 7 European cities on a rolling basis. A standardized guide on recruitment strategy was developed for all cities, to reach a sufficient number of adult participants. To make use of the strengths and minimize weakness, a combination of different opportunistic recruitment methods was applied. In addition, the random sampling approach was applied in the city of Örebro. To reduce the attrition rate and improve real-time monitoring, the Web-based platform featured a participant's and a researchers' user interface and dashboard. RESULTS: Overall, 10,691 participants were recruited; most people found out about the survey through their workplace or employer (2300/10691, 21.51%), outreach promotion (2219/10691, 20.76%), and social media (1859/10691, 17.39%). The average number of questionnaires filled in per participant varied significantly between the cities (P<.001), with the highest number in Zurich (11.0, SE 0.33) and the lowest in Örebro (4.8, SE 0.17). Collaboration with local organizations, the use of Facebook and mailing lists, and direct street recruitment were the most effective approaches in reaching a high share of participants (P<.001). Considering the invested working hours, Facebook was one of the most time-efficient methods. Compared with the cities' census data, the composition of study participants was broadly representative in terms of gender distribution; however, the study included younger and better-educated participants. CONCLUSIONS: We observed that offering a mixed recruitment approach was highly effective in achieving a high participation rate. The highest attrition rate and the lowest average number of questionnaires filled in per participant were observed in Örebro, which also recruited participants through random sampling. These findings suggest that people who are more interested in the topic are more willing to participate and stay in a survey than those who are selected randomly and may not have a strong connection to the research topic. Although direct face-to-face contacts were very effective with respect to the number of recruited participants, recruiting people through social media was not only effective but also very time efficient. The collected data are based on one of the largest recruited longitudinal samples with a common recruitment strategy in different European cities

Masking Proofs are Tight (and How to Exploit it in Security Evaluations)

Evaluating the security level of a leaking implementation against side-channel attacks is a challenging task. This is especially true when countermeasures such as masking are implemented since in this case: (i) the amount of measurements to perform a key recovery may become prohibitive for certification laboratories, and (ii) applying optimal (multivariate) attacks may be computationally intensive and technically challenging. In this paper, we show that by taking advantage of the tightness of masking security proofs, we can significantly simplify this evaluation task in a very general manner. More precisely, we show that the evaluation of a masked implementation can essentially be reduced to the one of an unprotected implementation. In addition, we show that despite optimal attacks against masking schemes are computationally intensive for large number of shares, heuristic (soft analytical side-channel) attacks can approach optimality very efficiently. As part of this second contribution, we also improve over the recent multivariate (aka horizontal) side-channel attacks proposed at CHES 2016 by Battistello et al

Very High Order Masking: Efficient Implementation and Security Evaluation

In this paper, we study the performances and security of recent masking algorithms specialized to parallel implementations in a 32-bit embedded software platform, for the standard AES Rijndael and the bitslice cipher Fantomas. By exploiting the excellent features of these algorithms for bitslice implementations, we first extend the recent speed records of Goudarzi and Rivain (presented at Eurocrypt 2017) and report realistic timings for masked implementations with 32 shares. We then observe that the security level provided by such implementations is uneasy to quantify with current evaluation tools. We therefore propose a new ``multi-model evaluation methodology which takes advantage of different (more or less abstract) security models introduced in the literature. This methodology allows us to both bound the security level of our implementations in a principled manner and to assess the risks of overstated security based on well understood parameters. Concretely, it leads us to conclude that these implementations withstand worst-case adversaries with >2^64 measurements under falsifiable assumptions